ed25519 0.1.0 → 1.0.0
- checksums.yaml +4 -4
- data/CHANGES.md +13 -0
- data/README.md +6 -3
- data/Rakefile +4 -4
- data/ed25519.gemspec +3 -3
- data/ext/{ed25519 → ed25519_java}/org/cryptosphere/ed25519.java +0 -0
- data/ext/{ed25519 → ed25519_ref10}/api.h +1 -1
- data/ext/ed25519_ref10/base.h +1344 -0
- data/ext/ed25519_ref10/base2.h +40 -0
- data/ext/ed25519_ref10/d.h +1 -0
- data/ext/ed25519_ref10/d2.h +1 -0
- data/ext/ed25519_ref10/ed25519_ref10.c +99 -0
- data/ext/ed25519_ref10/ed25519_ref10.h +33 -0
- data/ext/ed25519_ref10/extconf.rb +9 -0
- data/ext/ed25519_ref10/fe.h +56 -0
- data/ext/ed25519_ref10/fe_0.c +19 -0
- data/ext/ed25519_ref10/fe_1.c +19 -0
- data/ext/ed25519_ref10/fe_add.c +57 -0
- data/ext/ed25519_ref10/fe_cmov.c +63 -0
- data/ext/ed25519_ref10/fe_copy.c +29 -0
- data/ext/ed25519_ref10/fe_frombytes.c +71 -0
- data/ext/ed25519_ref10/fe_invert.c +14 -0
- data/ext/ed25519_ref10/fe_isnegative.c +16 -0
- data/ext/ed25519_ref10/fe_isnonzero.c +19 -0
- data/ext/ed25519_ref10/fe_mul.c +252 -0
- data/ext/ed25519_ref10/fe_neg.c +45 -0
- data/ext/ed25519_ref10/fe_pow22523.c +13 -0
- data/ext/ed25519_ref10/fe_sq.c +148 -0
- data/ext/ed25519_ref10/fe_sq2.c +159 -0
- data/ext/ed25519_ref10/fe_sub.c +57 -0
- data/ext/ed25519_ref10/fe_tobytes.c +119 -0
- data/ext/ed25519_ref10/ge.h +95 -0
- data/ext/ed25519_ref10/ge_add.c +11 -0
- data/ext/ed25519_ref10/ge_add.h +97 -0
- data/ext/ed25519_ref10/ge_double_scalarmult.c +96 -0
- data/ext/ed25519_ref10/ge_frombytes.c +50 -0
- data/ext/ed25519_ref10/ge_madd.c +11 -0
- data/ext/ed25519_ref10/ge_madd.h +88 -0
- data/ext/ed25519_ref10/ge_msub.c +11 -0
- data/ext/ed25519_ref10/ge_msub.h +88 -0
- data/ext/ed25519_ref10/ge_p1p1_to_p2.c +12 -0
- data/ext/ed25519_ref10/ge_p1p1_to_p3.c +13 -0
- data/ext/ed25519_ref10/ge_p2_0.c +8 -0
- data/ext/ed25519_ref10/ge_p2_dbl.c +11 -0
- data/ext/ed25519_ref10/ge_p2_dbl.h +73 -0
- data/ext/ed25519_ref10/ge_p3_0.c +9 -0
- data/ext/ed25519_ref10/ge_p3_dbl.c +12 -0
- data/ext/ed25519_ref10/ge_p3_to_cached.c +17 -0
- data/ext/ed25519_ref10/ge_p3_to_p2.c +12 -0
- data/ext/ed25519_ref10/ge_p3_tobytes.c +14 -0
- data/ext/ed25519_ref10/ge_precomp_0.c +8 -0
- data/ext/ed25519_ref10/ge_scalarmult_base.c +104 -0
- data/ext/ed25519_ref10/ge_sub.c +11 -0
- data/ext/ed25519_ref10/ge_sub.h +97 -0
- data/ext/ed25519_ref10/ge_tobytes.c +14 -0
- data/ext/ed25519_ref10/keypair.c +22 -0
- data/ext/ed25519_ref10/open.c +47 -0
- data/ext/ed25519_ref10/pow22523.h +160 -0
- data/ext/ed25519_ref10/pow225521.h +160 -0
- data/ext/ed25519_ref10/sc.h +17 -0
- data/ext/ed25519_ref10/sc_muladd.c +366 -0
- data/ext/ed25519_ref10/sc_reduce.c +272 -0
- data/ext/{ed25519/sha512-blocks.c → ed25519_ref10/sha512.c} +108 -43
- data/ext/ed25519_ref10/sha512.h +8 -0
- data/ext/ed25519_ref10/sign.c +41 -0
- data/ext/ed25519_ref10/sqrtm1.h +1 -0
- data/ext/{ed25519 → ed25519_ref10}/verify.c +2 -2
- data/lib/ed25519.rb +40 -9
- data/lib/ed25519/provider/jruby.rb +39 -0
- data/lib/ed25519/signing_key.rb +11 -7
- data/lib/ed25519/verify_key.rb +26 -10
- data/lib/ed25519/version.rb +1 -1
- metadata +66 -26
- data/ext/ed25519/crypto_int32.h +0 -6
- data/ext/ed25519/crypto_sign.h +0 -13
- data/ext/ed25519/crypto_uint32.h +0 -6
- data/ext/ed25519/crypto_verify_32.h +0 -7
- data/ext/ed25519/ed25519.c +0 -136
- data/ext/ed25519/ed25519_engine.c +0 -82
- data/ext/ed25519/extconf.rb +0 -6
- data/ext/ed25519/fe25519.c +0 -326
- data/ext/ed25519/fe25519.h +0 -63
- data/ext/ed25519/ge25519.c +0 -311
- data/ext/ed25519/ge25519.h +0 -35
- data/ext/ed25519/ge25519_base.data +0 -850
- data/ext/ed25519/sc25519.c +0 -298
- data/ext/ed25519/sc25519.h +0 -73
- data/ext/ed25519/sha512-hash.c +0 -72
- data/ext/ed25519/sha512.h +0 -4
- data/lib/ed25519/jruby_engine.rb +0 -30
- data/tasks/extension.rake +0 -14
- data/tasks/rspec.rake +0 -9
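--- a/data/ext/ed25519_ref10/sign.c
+++ b/data/ext/ed25519_ref10/sign.c
@@ -0,0 +1,41 @@
+#include <string.h>
+#include "ed25519_ref10.h"
+#include "sha512.h"
+#include "ge.h"
+#include "sc.h"
+
+int crypto_sign_ed25519_ref10(
+uint8_t *sm, uint64_t *smlen,
+const uint8_t *m, uint64_t mlen,
+const uint8_t *sk
+)
+{
+unsigned char pk[32];
+unsigned char az[64];
+unsigned char nonce[64];
+unsigned char hram[64];
+ge_p3 R;
+
+memmove(pk,sk + 32,32);
+
+crypto_hash_sha512(az,sk,32);
+az[0] &= 248;
+az[31] &= 63;
+az[31] |= 64;
+
+*smlen = mlen + 64;
+memmove(sm + 64,m,mlen);
+memmove(sm + 32,az + 32,32);
+crypto_hash_sha512(nonce,sm + 32,mlen + 32);
+memmove(sm + 32,pk,32);
+
+sc_reduce(nonce);
+ge_scalarmult_base(&R,nonce);
+ge_p3_tobytes(sm,&R);
+
+crypto_hash_sha512(hram,sm,mlen + 64);
+sc_reduce(hram);
+sc_muladd(sm + 32,hram,az,nonce);
+
+return 0;
+}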
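Review bot: The caller contract of `crypto_sign_ed25519_ref10` is not documented anywhere in the hunk: `sm` must have room for `mlen + 64` bytes, `sk` is read as 64 bytes with the public key expected at `sk + 32`, and the secret half of `az` is temporarily written into `sm + 32` before being overwritten with `pk`. A header comment above the signature would make that explicit, e.g. `/* sm: output, at least mlen + 64 bytes; sk: 64-byte seed || public key */`. The expanded secret scalar `az` and `nonce` are left in stack buffers on return; if the surrounding extension does not clear them, a note such as `/* az and nonce hold secret material and are not wiped here */` tells the caller where that responsibility lies. `mlen` is a `uint64_t` but is passed to `memmove` as a `size_t`, which truncates silently on 32-bit targets; an explicit range check before the copies would close that gap.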
@@ -0,0 +1 @@
|
|
1
|
+
-32595792,-7943725,9377950,3500415,12389472,-272473,-25146209,-2005654,326686,11406482
|
@@ -1,6 +1,6 @@
|
|
1
|
-
#include "
|
1
|
+
#include "ed25519_ref10.h"
|
2
2
|
|
3
|
-
int crypto_verify_32(const
|
3
|
+
int crypto_verify_32(const uint8_t *x,const uint8_t *y)
|
4
4
|
{
|
5
5
|
unsigned int differentbits = 0;
|
6
6
|
#define F(i) differentbits |= x[i] ^ y[i];
|
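--- a/data/lib/ed25519.rb
+++ b/data/lib/ed25519.rb
@@ -1,21 +1,42 @@
 # frozen_string_literal: true
 
 require "ed25519/version"
-require "ed25519_engine"
-require "ed25519/jruby_engine" if defined? JRUBY_VERSION
 require "ed25519/signing_key"
 require "ed25519/verify_key"
 
 # The Ed25519 digital signatre algorithm
 # rubocop:disable Metrics/LineLength
 module Ed25519
-
-PUBLIC_KEY_BYTES = 32
-SIGNATURE_BYTES = 64
+module_function
 
-
+# Size of an Ed25519 key (public or private) in bytes
+KEY_SIZE = 32
 
-
+# Size of an Ed25519 signature in bytes
+SIGNATURE_SIZE = 64
+
+# Raised when a signature fails to verify
+VerifyError = Class.new(StandardError)
+
+# Raised when the built-in self-test fails
+SelfTestFailure = Class.new(StandardError)
+
+# Select the Ed25519::Provider to use based on the current environment
+if defined? JRUBY_VERSION
+require "ed25519/provider/jruby"
+@provider = Ed25519::Provider::JRuby
+else
+require "ed25519_ref10"
+@provider = Ed25519::Provider::Ref10
+end
+
+# Selected provider based on the logic above
+def provider
+@provider
+end
+
+# Perform a self-test to ensure the selected provider is working
+def self_test
 signature_key = Ed25519::SigningKey.new("A" * 32)
 raise SelfTestFailure, "failed to generate verify key correctly" unless signature_key.verify_key.to_bytes.unpack("H*").first == "db995fe25169d141cab9bbba92baa01f9f2e1ece7df4cb2ac05190f37fcc1f9d"
 
@@ -27,8 +48,18 @@ module Ed25519
 raise SelfTestFailure, "failed to verify a valid signature" unless verify_key.verify(signature, message)
 
 bad_signature = signature[0...63] + "X"
-
+ex = nil
+
+# rubocop:disable Lint/HandleExceptions
+begin
+verify_key.verify(bad_signature, message)
+rescue Ed25519::VerifyError => ex
+end
+# rubocop:enable Lint/HandleExceptions
+
+raise SelfTestFailure, "failed to detect an invalid signature" unless ex.is_a?(Ed25519::VerifyError)
 end
 end
 
-
+# Automatically run self-test when library loads
+Ed25519.self_test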
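Review bot: `provider` is defined after `module_function`, so besides `Ed25519.provider` it also becomes a private instance method for anything that includes `Ed25519`, and that copy reads the includer's own `@provider` (nil) rather than the module-level ivar assigned in the `if defined? JRUBY_VERSION` block; the comment should say that only the module-level form is meaningful, e.g. `# Selected provider; read it as Ed25519.provider (stored in a module-level ivar)`. `Ed25519.self_test` at the end of the file runs on `require` and raises `SelfTestFailure`, so a broken native extension fails the process at load time rather than on first use; the comment above it could state that this fail-closed behaviour is deliberate. `Ed25519::Provider::Ref10` is referenced but defined nowhere on this page, presumably by the `ed25519_ref10` extension that is required just before it.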
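--- a/data/lib/ed25519/provider/jruby.rb
+++ b/data/lib/ed25519/provider/jruby.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require "java"
+require "ed25519_java"
+
+module Ed25519
+module Provider
+# Binding between the JRuby extension and the Ed25519::Provider API
+#
+# TODO: implement the Ed25519::Provider API natively in the Java extension
+module JRuby
+module_function
+
+def create_keypair(seed)
+raise ArgumentError, "seed must be #{KEY_SIZE}-bytes long" unless seed.length == Ed25519::KEY_SIZE
+
+verify_key = org.cryptosphere.ed25519.publickey(seed.to_java_bytes)
+verify_key = String.from_java_bytes(verify_key)
+seed + verify_key
+end
+
+def sign(signing_key, message)
+verify_key = signing_key[32, 32].to_java_bytes
+signing_key = signing_key[0, 32].to_java_bytes
+
+signature = org.cryptosphere.ed25519.signature(message.to_java_bytes, signing_key, verify_key)
+String.from_java_bytes(signature)
+end
+
+def verify(verify_key, signature, message)
+org.cryptosphere.ed25519.checkvalid(
+signature.to_java_bytes,
+message.to_java_bytes,
+verify_key.to_java_bytes
+)
+end
+end
+end
+end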
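Review bot: The check at line 15, `seed.length == Ed25519::KEY_SIZE`, counts characters rather than bytes, so a non-binary-encoded `String` of 32 multibyte characters passes the guard and more than 32 bytes reach `to_java_bytes`; `seed.bytesize` is the comparison intended here: `raise ArgumentError, "seed must be #{KEY_SIZE}-bytes long" unless seed.bytesize == Ed25519::KEY_SIZE`. The same `.length` comparisons appear in signing_key.rb (`initialize`) and verify_key.rb (`initialize` and `verify`) in this change. `sign` slices `signing_key[32, 32]` and `signing_key[0, 32]` with literal 32s where `Ed25519::KEY_SIZE` would tie the layout to the constant declared in ed25519.rb. `verify` returns whatever `checkvalid` returns, so the Java method's boolean contract is what `VerifyKey#verify` relies on; presumably it never raises for malformed input, but that is not visible here and a one-line comment stating it would help.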
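--- a/data/lib/ed25519/signing_key.rb
+++ b/data/lib/ed25519/signing_key.rb
@@ -5,22 +5,26 @@ require "securerandom"
 module Ed25519
 # Private key for producing digital signatures
 class SigningKey
-attr_reader :verify_key
+attr_reader :seed, :keypair, :verify_key
 
+# Generate a random Ed25519 signing key (i.e. private scalar)
 def self.generate
-new SecureRandom.random_bytes(Ed25519::
+new SecureRandom.random_bytes(Ed25519::KEY_SIZE)
 end
 
+# Create a new Ed25519::SigningKey from the given seed value
+#
+# @param seed [String] 32-byte seed value from which the key should be derived
 def initialize(seed)
-raise ArgumentError, "seed must be
+raise ArgumentError, "seed must be #{KEY_SIZE}-bytes long" unless seed.length == KEY_SIZE
 @seed = seed
 
-
-@verify_key = VerifyKey.new(
+@keypair = Ed25519.provider.create_keypair(seed)
+@verify_key = VerifyKey.new(@keypair[32, 32])
 end
 
 def sign(message)
-Ed25519
+Ed25519.provider.sign(@keypair, message)
 end
 
 def inspect
@@ -28,7 +32,7 @@ module Ed25519
 end
 
 def to_bytes
-
+seed
 end
 alias to_str to_bytes
 end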
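Review bot: `to_bytes` now returns the raw `seed` (new line 35) and, together with the new `attr_reader :seed, :keypair` and the existing `alias to_str to_bytes`, the secret is reachable through every implicit string coercion (`"#{key}"`, `String#+`, `File.write`); that is a defensible API, but the documentation should say so, e.g. `# @return [String] the 32-byte secret seed; treat as sensitive material` above `to_bytes`, and `# keypair is seed || public key (64 bytes) and is therefore secret too` on the `attr_reader`. `@verify_key = VerifyKey.new(@keypair[32, 32])` hard-codes the 32-byte split where `Ed25519::KEY_SIZE` would tie it to the constant the rest of the change introduces. The body of `inspect` lies outside the hunk, so whether it also reveals the seed cannot be checked here.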
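--- a/data/lib/ed25519/verify_key.rb
+++ b/data/lib/ed25519/verify_key.rb
@@ -3,26 +3,42 @@
 module Ed25519
 # Public key for verifying digital signatures
 class VerifyKey
+# Create a Ed25519::VerifyKey from its serialized Twisted Edwards representation
+#
+# @param key [String] 32-byte string representing a serialized public key
 def initialize(key)
-raise ArgumentError, "seed must be 32 bytes long" unless key.length ==
-@
+raise ArgumentError, "seed must be 32 bytes long" unless key.length == KEY_SIZE
+@key_bytes = key
 end
 
+# Verify an Ed25519 signature against the message
+#
+# @param signature [String] 64-byte string containing an Ed25519 signature
+# @param message [String] string containing message to be verified
+#
+# @raise Ed25519::VerifyError signature verification failed
+#
+# @return [true] message verified successfully
 def verify(signature, message)
-if signature.length !=
-raise ArgumentError, "expected #{
+if signature.length != SIGNATURE_SIZE
+raise ArgumentError, "expected #{SIGNATURE_SIZE} byte signature, got #{signature.length}"
 end
 
-Ed25519
-
-
-def inspect
-to_s
+return true if Ed25519.provider.verify(@key_bytes, signature, message)
+raise VerifyError, "signature verification failed!"
 end
 
+# Return a compressed twisted Edwards coordinate representing the public key
+#
+# @return [String] bytestring serialization of this public key
 def to_bytes
-@
+@key_bytes
 end
 alias to_str to_bytes
+
+# Show hex representation of serialized coordinate in string inspection
+def inspect
+"#<#{self.class}:#{@key_bytes.unpack('H*').first}>"
+end
 end
 end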
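Review bot: The `ArgumentError` at new line 10 still reads `"seed must be 32 bytes long"` although this constructor takes a public key, not a seed, and it spells out `32` right next to the `KEY_SIZE` comparison; `raise ArgumentError, "key must be #{KEY_SIZE} bytes long" unless key.length == KEY_SIZE` matches the wording the rest of the change uses. `verify` maps any falsy result of `Ed25519.provider.verify` to `VerifyError`, but if a provider raises its own exception on malformed input that exception propagates instead, so callers cannot rely on rescuing `VerifyError` alone; either the `@raise` tag should say so or the provider call should be wrapped so that only `VerifyError` escapes. The hunk covers the whole class, but `module Ed25519` opens before it.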
data/lib/ed25519/version.rb
CHANGED
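--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ed25519
 version: !ruby/object:Gem::Version
-version:
+version: 1.0.0
 platform: ruby
 authors:
 - Tony Arcieri
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2017-12-
+date: 2017-12-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -30,7 +30,7 @@ email:
 - tony.arcieri@gmail.com
 executables: []
 extensions:
-- ext/
+- ext/ed25519_ref10/extconf.rb
 extra_rdoc_files: []
 files:
 - ".gitignore"
@@ -45,33 +45,73 @@ files:
 - Rakefile
 - ed25519.gemspec
 - ed25519.png
-- ext/ed25519
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
-- ext/
+- ext/ed25519_java/org/cryptosphere/ed25519.java
+- ext/ed25519_ref10/api.h
+- ext/ed25519_ref10/base.h
+- ext/ed25519_ref10/base2.h
+- ext/ed25519_ref10/d.h
+- ext/ed25519_ref10/d2.h
+- ext/ed25519_ref10/ed25519_ref10.c
+- ext/ed25519_ref10/ed25519_ref10.h
+- ext/ed25519_ref10/extconf.rb
+- ext/ed25519_ref10/fe.h
+- ext/ed25519_ref10/fe_0.c
+- ext/ed25519_ref10/fe_1.c
+- ext/ed25519_ref10/fe_add.c
+- ext/ed25519_ref10/fe_cmov.c
+- ext/ed25519_ref10/fe_copy.c
+- ext/ed25519_ref10/fe_frombytes.c
+- ext/ed25519_ref10/fe_invert.c
+- ext/ed25519_ref10/fe_isnegative.c
+- ext/ed25519_ref10/fe_isnonzero.c
+- ext/ed25519_ref10/fe_mul.c
+- ext/ed25519_ref10/fe_neg.c
+- ext/ed25519_ref10/fe_pow22523.c
+- ext/ed25519_ref10/fe_sq.c
+- ext/ed25519_ref10/fe_sq2.c
+- ext/ed25519_ref10/fe_sub.c
+- ext/ed25519_ref10/fe_tobytes.c
+- ext/ed25519_ref10/ge.h
+- ext/ed25519_ref10/ge_add.c
+- ext/ed25519_ref10/ge_add.h
+- ext/ed25519_ref10/ge_double_scalarmult.c
+- ext/ed25519_ref10/ge_frombytes.c
+- ext/ed25519_ref10/ge_madd.c
+- ext/ed25519_ref10/ge_madd.h
+- ext/ed25519_ref10/ge_msub.c
+- ext/ed25519_ref10/ge_msub.h
+- ext/ed25519_ref10/ge_p1p1_to_p2.c
+- ext/ed25519_ref10/ge_p1p1_to_p3.c
+- ext/ed25519_ref10/ge_p2_0.c
+- ext/ed25519_ref10/ge_p2_dbl.c
+- ext/ed25519_ref10/ge_p2_dbl.h
+- ext/ed25519_ref10/ge_p3_0.c
+- ext/ed25519_ref10/ge_p3_dbl.c
+- ext/ed25519_ref10/ge_p3_to_cached.c
+- ext/ed25519_ref10/ge_p3_to_p2.c
+- ext/ed25519_ref10/ge_p3_tobytes.c
+- ext/ed25519_ref10/ge_precomp_0.c
+- ext/ed25519_ref10/ge_scalarmult_base.c
+- ext/ed25519_ref10/ge_sub.c
+- ext/ed25519_ref10/ge_sub.h
+- ext/ed25519_ref10/ge_tobytes.c
+- ext/ed25519_ref10/keypair.c
+- ext/ed25519_ref10/open.c
+- ext/ed25519_ref10/pow22523.h
+- ext/ed25519_ref10/pow225521.h
+- ext/ed25519_ref10/sc.h
+- ext/ed25519_ref10/sc_muladd.c
+- ext/ed25519_ref10/sc_reduce.c
+- ext/ed25519_ref10/sha512.c
+- ext/ed25519_ref10/sha512.h
+- ext/ed25519_ref10/sign.c
+- ext/ed25519_ref10/sqrtm1.h
+- ext/ed25519_ref10/verify.c
 - lib/ed25519.rb
-- lib/ed25519/
+- lib/ed25519/provider/jruby.rb
 - lib/ed25519/signing_key.rb
 - lib/ed25519/verify_key.rb
 - lib/ed25519/version.rb
-- tasks/extension.rake
-- tasks/rspec.rake
 homepage: https://github.com/cryptosphere/ed25519
 licenses: []
 metadata: {}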
data/ext/ed25519/crypto_int32.h
DELETED
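--- a/data/ext/ed25519/crypto_sign.h
+++ b/data/ext/ed25519/crypto_sign.h
@@ -1,13 +0,0 @@
-#ifndef crypto_sign_edwards25519sha512batch_H
-#define crypto_sign_edwards25519sha512batch_H
-
-#define SECRETKEYBYTES 64
-#define PUBLICKEYBYTES 32
-#define SIGNATUREBYTES 64
-
-extern int crypto_sign(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
-extern int crypto_sign_open(unsigned char *,unsigned long long *,const unsigned char *,unsigned long long,const unsigned char *);
-extern int crypto_sign_keypair(unsigned char *,unsigned char *);
-extern int crypto_sign_publickey(unsigned char *pk, unsigned char *sk, unsigned char *seed);
-
-#endif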
data/ext/ed25519/crypto_uint32.h
DELETED
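--- a/data/ext/ed25519/ed25519.c
+++ b/data/ext/ed25519/ed25519.c
@@ -1,136 +0,0 @@
-#include "crypto_sign.h"
-
-#include "crypto_verify_32.h"
-#include "sha512.h"
-
-#include "ge25519.h"
-
-static void get_hram(unsigned char *hram, const unsigned char *sm, const unsigned char *pk, unsigned char *playground, unsigned long long smlen)
-{
-unsigned long long i;
-
-for (i = 0;i < 32;++i) playground[i] = sm[i];
-for (i = 32;i < 64;++i) playground[i] = pk[i-32];
-for (i = 64;i < smlen;++i) playground[i] = sm[i];
-
-crypto_hash_sha512(hram,playground,smlen);
-}
-
-
-int crypto_sign_publickey(
-unsigned char *pk, // write 32 bytes into this
-unsigned char *sk, // write 64 bytes into this (seed+pubkey)
-unsigned char *seed // 32 bytes
-)
-{
-sc25519 scsk;
-ge25519 gepk;
-int i;
-
-crypto_hash_sha512(sk, seed, 32);
-sk[0] &= 248;
-sk[31] &= 127;
-sk[31] |= 64;
-
-sc25519_from32bytes(&scsk,sk);
-
-ge25519_scalarmult_base(&gepk, &scsk);
-ge25519_pack(pk, &gepk);
-for(i=0;i<32;i++)
-sk[32 + i] = pk[i];
-for(i=0;i<32;i++)
-sk[i] = seed[i];
-return 0;
-}
-
-int crypto_sign(
-unsigned char *sm,unsigned long long *smlen,
-const unsigned char *m,unsigned long long mlen,
-const unsigned char *sk
-)
-{
-sc25519 sck, scs, scsk;
-ge25519 ger;
-unsigned char r[32];
-unsigned char s[32];
-unsigned char extsk[64];
-unsigned long long i;
-unsigned char hmg[crypto_hash_sha512_BYTES];
-unsigned char hram[crypto_hash_sha512_BYTES];
-
-crypto_hash_sha512(extsk, sk, 32);
-extsk[0] &= 248;
-extsk[31] &= 127;
-extsk[31] |= 64;
-
-*smlen = mlen+64;
-for(i=0;i<mlen;i++)
-sm[64 + i] = m[i];
-for(i=0;i<32;i++)
-sm[32 + i] = extsk[32+i];
-
-crypto_hash_sha512(hmg, sm+32, mlen+32); /* Generate k as h(extsk[32],...,extsk[63],m) */
-
-/* Computation of R */
-sc25519_from64bytes(&sck, hmg);
-ge25519_scalarmult_base(&ger, &sck);
-ge25519_pack(r, &ger);
-
-/* Computation of s */
-for(i=0;i<32;i++)
-sm[i] = r[i];
-
-get_hram(hram, sm, sk+32, sm, mlen+64);
-
-sc25519_from64bytes(&scs, hram);
-sc25519_from32bytes(&scsk, extsk);
-sc25519_mul(&scs, &scs, &scsk);
-
-sc25519_add(&scs, &scs, &sck);
-
-sc25519_to32bytes(s,&scs); /* cat s */
-for(i=0;i<32;i++)
-sm[32 + i] = s[i];
-
-return 0;
-}
-
-int crypto_sign_open(
-unsigned char *m,unsigned long long *mlen,
-const unsigned char *sm,unsigned long long smlen,
-const unsigned char *pk
-)
-{
-int i, ret;
-unsigned char t2[32];
-ge25519 get1, get2;
-sc25519 schram, scs;
-unsigned char hram[crypto_hash_sha512_BYTES];
-
-if (ge25519_unpackneg_vartime(&get1, pk)) return -1;
-
-get_hram(hram,sm,pk,m,smlen);
-
-sc25519_from64bytes(&schram, hram);
-
-sc25519_from32bytes(&scs, sm+32);
-
-ge25519_double_scalarmult_vartime(&get2, &get1, &schram, &ge25519_base, &scs);
-ge25519_pack(t2, &get2);
-
-ret = crypto_verify_32(sm, t2);
-
-if (!ret)
-{
-for(i=0;i<smlen-64;i++)
-m[i] = sm[i + 64];
-*mlen = smlen-64;
-}
-else
-{
-for(i=0;i<smlen-64;i++)
-m[i] = 0;
-*mlen = (unsigned long long) -1;
-}
-return ret;
-}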